From 51a0d68bb28b2d5f56feffb9fe958a906280388a Mon Sep 17 00:00:00 2001
From: Andrey Fedorov <andrey.fedorov@gmail.com>
Date: Wed, 27 Nov 2024 14:46:35 -0500
Subject: [PATCH] still can't see token

---
 .github/workflows/build.yml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index b86e1f9..11a7ed9 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -1,4 +1,7 @@
 name: Build
+permissions:
+  contents: read
+  pull-requests: read
 on:
   push:
     branches:
@@ -15,8 +18,9 @@ jobs:
           fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
       - name: Check SONAR_TOKEN
         run: echo "SONAR_TOKEN length is ${#SONAR_TOKEN}"
-        env:
+        with:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          export_environment_variables: true
       - name: Install dependencies
         run: yarn
       - name: Test and coverage